CODEWITHSUNDEEP
amazon-web-servicesamazon-s3amazon-elastic-beanstalk
ChrisBratherton
ChrisBratherton

Reputation: 1590

Copying a file from S3 into my codebase when using Elastic Beanstalk

I have the following script: 

Parameters:
  bucket:
    Type: CommaDelimitedList
    Description: "Name of the Amazon S3 bucket that contains your file"
    Default: "my-bucket"
  fileuri:
    Type: String
    Description: "Path to the file in S3"
    Default: "https://my-bucket.s3.eu-west-2.amazonaws.com/oauth-private.key"
  authrole:
    Type: String
    Description: "Role with permissions to download the file from Amazon S3"
    Default: "aws-elasticbeanstalk-ec2-role"

files:
  /var/app/current/storage/oauth-private.key:
    mode: "000600"
    owner: webapp
    group: webapp
    source: { "Ref" : "fileuri" }
    authentication: S3AccessCred

Resources:
  AWSEBAutoScalingGroup:
    Type: "AWS::AutoScaling::AutoScalingGroup"
    Metadata:
      AWS::CloudFormation::Authentication:
        S3AccessCred:
          type: "S3"
          roleName: { "Ref" : "authrole" }
          buckets: { "Ref" : "bucket" }

The issue that I am having is that when this is being deployed, the file aren't present in the /var/app/current/storage directory.

I thought that maybe this script was running too soon and the current directory wasn't ready yet, so I tried the ondeck directory and this also doesn't work.

If I change the path to anywhere other than my codebase directory it works, the file is copied from S3.

Any ideas? Thanks.

Upvotes: 2

Views: 1653

Answers (1)

littleforest
littleforest

Reputation: 2255

Directives under the "files" key are processed before your web application is set up. You will need to download the file to a tmp file, and then use a container_command to transfer it to your app in the current directory.

This AWS doc mentions near the top the order in which keys are processed. The files key is processed before commands, and commands are run before the application and web server are set up. However, the container_commands section notes that they are used "to execute commands that affect your application source code".

So you should modify your script to something like this:

Parameters: ...
Resources: ...

files:
  "/tmp/oauth-private.key":
    mode: "000600"
    owner: webapp
    group: webapp
    source: { "Ref" : "fileuri" }
    authentication: S3AccessCred

container_commands:
  file_transfer_1:
    command: "mkdir -p storage"
  file_transfer_2:
    command: "mv /tmp/oauth-private.key storage"

Upvotes: 3

Related Questions